From 13f378819c47717b5936668edeb3fe028691a9c1 Mon Sep 17 00:00:00 2001 From: bbruns Date: Sun, 13 Apr 2014 16:30:22 +0000 Subject: [PATCH] Fix some issues with conntracking rules --- lib/iptables.inc | 3 --- 1 file changed, 3 deletions(-) diff --git a/lib/iptables.inc b/lib/iptables.inc index 51ee016..a02633b 100644 --- a/lib/iptables.inc +++ b/lib/iptables.inc @@ -420,10 +420,7 @@ function enable_forwarding { [[ ${state} == "-" ]] && state="" [[ ${protocol} == "-" ]] && protocol="" [[ ${bidirectional} == "-" ]] && bidirectional="no" - - [[ ${action} == "DROP" ]] && conntrack_state="" - ${VER_IPTABLES} -A ${FwdFilter} ${protocol} ${srcinterface} ${srcaddress} ${srcport} ${syn} ${dstinterface} ${dstaddress} ${dstport} ${conntrack_state} -j ${action} [[ ${bidirectional} == "yes" ]] && ${VER_IPTABLES} -A ${FwdFilter} ${protocol} ${revsrcinterface} ${revsrcaddress} ${revsrcport} ${syn} ${revdstinterface} ${revdstaddress} ${revdstport} ${conntrack_state} -j ${action} done < "${FWCONFIGDIR}/ipv${IPVER}/forward.conf"